[1829] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: Named update for RH 4.2 exploitable?

daemon@ATHENA.MIT.EDU (Matti Aarnio)
Sun Jun 7 04:18:19 1998

In-Reply-To: <199806062110.RAA01110@alcove.wittsend.com> from "Michael H. Warfield" at "Jun 6, 98 05:10:21 pm"
To: linux-security@redhat.com
Date: 	Sun, 7 Jun 1998 02:20:14 +0300 (EEST)
From: Matti Aarnio <matti.aarnio@sonera.fi>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com

"Michael H. Warfield" <mhw@wittsend.com> wrote:
> 	Ahhhhh!!!!  If the latest RPM's are STILL using 4.9.x instead of
> the latest 8.1.x, people should be really upset.  Bind 8.1.1 has been out
> for quite some time and, unless you have turned on those assinine fake INVQ
> inverse queries, it is not vulnerable to the remote root hack.  It was still
> vulnerable to several DoS attacks and everyone should now be using 8.1.2.
> I don't know what's in the RPM's simply because I build straight from Paul
> Vixie's sources up at www.isc.com.  I know of no reasons to be sitting
> on the 4.9.x stuff any more unless you are in love with or need some
> compatibility with /etc/named.boot (8.1.x uses the newer, more flexible
> /etc/named.conf).

	The versions secured against INVQ buffer overflow are:
		4.9.7
		8.1.2
	Specifically 4.9.6 AND 8.1.1 ARE VULNERABLE!
	(Well, in 8.* you can disable INVQ support via option section,
	 but in 4.* you must to it by compiling..(has the RH 5.1 been
	 equiped with 4.9.6 configure this way, I don't know.))

> 	Mike
>  Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
>   (The Mad Wizard)      |  (770) 925-8248   |  http://www.wittsend.com/mhw/

/Matti Aarnio <matti.aarnio@sonera.fi>

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe:
  mail -s unsubscribe linux-security-request@redhat.com < /dev/null


home help back first fref pref prev next nref lref last post